package com.example;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
	@Override
	protected void configure(HttpSecurity http) throws Exception{
		http
		      .authorizeRequests()
		      .antMatchers("/","/login").permitAll()
		      .anyRequest().authenticated()
		      .and()
		      .formLogin()
		      .loginPage("/login")
		      .defaultSuccessUrl("/chat")
		      .permitAll()
		      .and()
		      .logout()
		      .permitAll();
	}
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception{
		auth
				.inMemoryAuthentication()
				.withUser("wyf").password("wyf").roles("USER")
				.and()
				.withUser("wisely").password("wisely").roles("USER");
	}
	@Override
	public void configure(WebSecurity web) throws Exception{
		web.ignoring().antMatchers("/resources/static/**");
	}

}
